--- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.4.1 creationTimestamp: null name: keycloakclients.keycloak.bitmask.me spec: group: keycloak.bitmask.me names: kind: KeycloakClient listKind: KeycloakClientList plural: keycloakclients singular: keycloakclient scope: Namespaced versions: - name: v1alpha1 schema: openAPIV3Schema: description: KeycloakClient is the Schema for the keycloakclients API properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: description: KeycloakClientSpec defines the desired state of KeycloakClient properties: adminUrl: description: URL to the admin interface of the client type: string baseUrl: description: Default URL to use when the auth server needs to redirect or link back to the client type: string bearerOnly: description: The access type of this client is bearer-only. type: boolean clientAuthenticatorType: description: How should Clients authenticate to the server? either 'client-secret' or 'client-jwt'. type: string clientId: description: ClientID is the alphanumeric identifier of the client in a realm. type: string consentRequired: description: If enabled, users have to consent to client access. type: boolean defaultClientScopes: description: Which client scopes chould be granted by default, even without specifying them. items: type: string type: array description: description: Human Readable description type: string directAccessGrantsEnabled: description: Are direct access grants enabled for this client or not (OpenID connect). type: boolean enabled: description: If the client is enabled and active type: boolean implicitFlowEnabled: description: Enable implicit flow for this client or not (OpenID connect). type: boolean name: description: Displayed Name of the Client type: string optionalClientScopes: description: Which additional scopes can be specified by the client items: type: string type: array protocol: description: Protocol, either 'openid-connect' or 'saml' type: string publicClient: description: Is the access type for this client public or not. type: boolean realmName: description: Name of the Realm the client should be created in type: string redirectUris: description: URL to the admin interface of the client items: type: string type: array registrationAccessToken: description: Used for authentication when registering new clients type: string rootUrl: description: Root URL appended to relative URLs for this client type: string secret: description: A client Secret is not always required properties: key: default: password description: Key of the attribute, that holds the value in the Secret. type: string name: description: Name of the Secret containing the client Secret. type: string required: - name type: object serviceAccountsEnabled: description: Are service accounts enabled for this client or not (OpenID connect). type: boolean standardFlowEnabled: description: Enable standard flow for this client or not (OpenID connect). type: boolean surrogateAuthRequired: description: Whether or not surrogate auth is required. type: boolean webOrigins: description: List of allowed CORS origins items: type: string type: array required: - clientId - realmName type: object status: description: KeycloakClientStatus defines the observed state of KeycloakClient properties: available: type: boolean required: - available type: object type: object served: true storage: true subresources: status: {} status: acceptedNames: kind: "" plural: "" conditions: [] storedVersions: []